← 返回 Skills 市场
endcy

Encrypted File Reader

作者 endcy · GitHub ↗ · v1.0.0
cross-platform ⚠ pending
421
总下载
0
收藏
3
当前安装
1
版本数
在 OpenClaw 中安装
/install encrypted-file-reader
功能描述
读取本地授权访问的加密及受保护文本、Word和Excel文件内容,支持企业安全策略环境下的合法文件读取。
使用说明 (SKILL.md)

encrypted-file-reader

读取本地加密/受保护的文件内容,支持企业安全策略环境。

功能

  • 读取文本文件(.txt, .md, .java, .py, .js 等)
  • 读取 Word 文档(.docx)
  • 读取 Excel 表格(.xlsx)
  • 自动处理特殊编码文件的解码问题
  • 支持企业安全策略环境下的文件读取
  • 适用于通过授权应用程序可访问的加密文件

使用方法

通过 Python 脚本调用

python D:\ai\skills\encrypted-file-reader\read_file.py \x3C文件路径>

示例

# 读取文本文件
python D:\ai\skills\encrypted-file-reader\read_file.py E:\data	est.txt

# 读取 Word 文档
python D:\ai\skills\encrypted-file-reader\read_file.py E:\data	est.docx

# 读取 Excel 表格
python D:\ai\skills\encrypted-file-reader\read_file.py E:\data	est.xlsx

支持的扩展名

  • 文本类: .txt, .md, .markdown, .rst, .log, .csv, .tsv
  • 代码类: .java, .py, .js, .ts, .jsx, .tsx, .c, .cpp, .h, .cs, .go, .rs, .rb, .php, .vue
  • 配置类: .json, .xml, .yaml, .yml, .toml, .ini, .cfg, .properties, .gradle, .config, .env
  • 样式类: .html, .htm, .css, .scss, .sass, .less
  • 脚本类: .sh, .bash, .bat, .cmd, .ps1, .sql
  • Word 文档: .docx
  • Excel 表格: .xlsx

输出

  • 成功:输出文件内容(UTF-8 编码)
  • 失败:输出错误信息

技术原理

  • 文本文件: 直接读取二进制后用 UTF-8 解码
  • Office 文件: 使用 zipfile 解压后提取 XML 中的文本内容
  • 加密/受保护文件: 通过正确的字节处理方式处理通过授权应用程序可访问的文件内容

依赖

  • Python 3.x
  • 标准库(zipfile, re, sys, os)

注意事项

  • 本工具仅读取用户有权限访问的本地文件
  • 不支持绕过合法的文件访问控制
  • 适用于企业环境中授权的文件读取场景
  • 文件需要能通过系统授权的应用程序(如 Word、Excel)正常打开

法律说明

  • 本工具仅用于读取用户有合法访问权限的本地文件
  • 不支持绕过任何合法的文件访问控制或权限管理
  • 用户应确保使用本工具符合所在组织的政策和法律法规
  • 本工具通过正确的编码处理方式读取文件,不涉及破解或绕过加密
安全使用建议
This skill appears to be a simple local reader that extracts text from plain files and Office .docx/.xlsx packages; it does not contact external endpoints or request secrets. Before installing or using it: (1) be aware it does NOT bypass password protection or decrypt truly encrypted Office files—password-protected/encrypted .docx/.xlsx will likely fail; (2) its text reader always decodes as UTF-8 despite claims of automatic encoding detection—files in other encodings may error; (3) because it reads arbitrary local files, avoid running it against highly sensitive data unless you trust the environment and have inspected the code (which is short and uses only standard libs); (4) if you need decryption of protected files, look for explicit support for Office encryption/passwords or official APIs rather than relying on this tool. If you want higher assurance, verify the referenced GitHub repository and run the script in a controlled environment with non-sensitive test files first.
功能分析
Type: OpenClaw Skill Name: encrypted-file-reader Version: 1.0.0 The skill is classified as **suspicious**. The `read_file.py` script, while ostensibly designed for reading various file types, includes a very extensive list of `TEXT_EXTENSIONS` that encompasses highly sensitive files such as `.env`, `.pem`, `.key`, `.crt`, `.ssh`, `.aws`, `.kubeconfig`, `.npmrc`, `.gitconfig`, `.bashrc`, `.history`, and many other configuration, credential, and log files. The script's primary function is to read the content of any specified local file and print it to standard output. While the skill's documentation (`SKILL.md`, `README.md`) explicitly states it "only reads local files the user has permission to access" and "does not bypass any legitimate file access control," the capability to read such a broad range of sensitive files, if invoked by an AI agent with elevated privileges or tricked by prompt injection, presents a significant data exfiltration risk. There is no explicit malicious intent (e.g., exfiltration to a remote server) within the code itself, but the broad file access capability makes it a high-risk vulnerability. ```json { "classification": "suspicious", "summary": "The `read_file.py` script is designed to read local file content and includes an extremely broad list of `TEXT_EXTENSIONS` that covers many sensitive file types (e.g., .env, .pem, .key, .ssh, .aws, .history). While the code itself does not contain explicit data exfiltration logic or malicious commands,
能力评估
Purpose & Capability
The name/description claim to read local (including protected) Office and text files. The shipped Python script reads text files, extracts XML from .docx and .xlsx ZIP packages, and uses only standard library modules—this matches the stated primary purpose. There are no unrelated environment variables, binaries, or services requested. The only mismatch: the description suggests handling 'encrypted/受保护' files accessible to authorized apps; the code does not implement decryption or password-unlocking of password-protected Office files and will fail on truly encrypted Office packages.
Instruction Scope
SKILL.md instructs running the included Python script on a local path, and provides examples; it does not instruct reading unrelated system files or exfiltrating data. Note: the documentation claims '自动处理特殊编码' (automatic handling of special encodings), but the implementation always decodes text files as UTF-8 only, so it may error on files in other encodings.
Install Mechanism
No install spec or remote downloads; the skill is instruction-only with a local Python script and standard-library dependencies. No network fetch or archive extraction during install—low installer risk.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The code uses only local file I/O and standard libraries—requested access is proportional to the stated purpose.
Persistence & Privilege
always is false and the skill does not request elevated or persistent platform privileges. Autonomous invocation is allowed by default (disable-model-invocation is false) but that is normal; there is no evidence the skill modifies other skills or agent-wide settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install encrypted-file-reader
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /encrypted-file-reader 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release - Support reading 80+ text file formats, Word (.docx), and Excel (.xlsx) files. Compatible with enterprise security policy environments where files are accessible through authorized applications,just like lvdun(绿dun). Uses proper encoding handling without bypassing any encryption or access controls.
元数据
Slug encrypted-file-reader
版本 1.0.0
许可证
累计安装 3
当前安装数 3
历史版本数 1
常见问题

Encrypted File Reader 是什么?

读取本地授权访问的加密及受保护文本、Word和Excel文件内容,支持企业安全策略环境下的合法文件读取。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 421 次。

如何安装 Encrypted File Reader?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install encrypted-file-reader」即可一键安装,无需额外配置。

Encrypted File Reader 是免费的吗?

是的,Encrypted File Reader 完全免费(开源免费),可自由下载、安装和使用。

Encrypted File Reader 支持哪些平台?

Encrypted File Reader 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Encrypted File Reader?

由 endcy(@endcy)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论